buffer: remove error for malformatted hex string#12012
Uh oh!
There was an error while loading. Please reload this page.
Conversation
Trott added buffer 
nodejs-github-bot added buffer 
Trott commented Mar 23, 2017
Rather than attempting to adjust the behavior of our code to match the error message (as in #3773) this takes the approach of adjusting the error message to more accurately report the issue that is found. (Of course, we can always implement more complete and robust error checking like in #3773 at a later date if deemed desirable and performant.) |
Trott commented Mar 24, 2017
targos left a comment
targos left a comment There was a problem hiding this comment.
Maybe a RangeError is appropriate?
test/parallel/test-buffer-alloc.js Outdated
src/node_buffer.cc Outdated
There was a problem hiding this comment.
Maybe we can be a bit more explicit about it? Something like String length must be a multiple of 2 if encoding is "hex"?
There was a problem hiding this comment.
Perhaps hex string length must be a multiple of 2
There was a problem hiding this comment.
I'm starting to think this check isn't really worthwhile and the right thing to do is remove it. This error is still misleading in that if you get it, one would reasonably expect there's more validation going on for hex strings than just a length check. One would reasonably expect that we check for valid hex chars. But we don't. We happily allow out-of-range characters just as long as the string length is divisible by two.
The upshot is puzzling behavior like this:
> Buffer.from('xx', 'hex')<Buffer > > Buffer.from('x', 'hex')TypeError: Invalid hex string at Buffer.write (buffer.js:769:21) at fromString (buffer.js:213:18) at Function.Buffer.from (buffer.js:105:12) at repl:1:8 at ContextifyScript.Script.runInThisContext (vm.js:23:33) at REPLServer.defaultEval (repl.js:339:29) at bound (domain.js:280:14) at REPLServer.runBound [as eval] (domain.js:293:12) at REPLServer.onLine (repl.js:536:10) at emitOne (events.js:101:20) > Buffer.from('abxx', 'hex')<Buffer ab> > Buffer.from('abx', 'hex')TypeError: Invalid hex string at Buffer.write (buffer.js:769:21) at fromString (buffer.js:213:18) at Function.Buffer.from (buffer.js:105:12) at repl:1:8 at ContextifyScript.Script.runInThisContext (vm.js:23:33) at REPLServer.defaultEval (repl.js:339:29) at bound (domain.js:280:14) at REPLServer.runBound [as eval] (domain.js:293:12) at REPLServer.onLine (repl.js:536:10) at emitOne (events.js:101:20) > It would be a whole lot less puzzling if this happened:
> Buffer.from('xx', 'hex')<Buffer > > Buffer.from('x', 'hex')<Buffer > > Buffer.from('abxx', 'hex')<Buffer ab> > Buffer.from('abx', 'hex')<Buffer ab> >Principle Of Least Astonishment to me says we either accept anything and do the best we can or else we do reasonably rigorous error checking.
Trott commented Mar 24, 2017
If I got a RangeError, I would expect it to be something like the string contained characters that were invalid hex digits ( |
Trott commented Mar 24, 2017
Reprinting an above comment down here for more visibility: I'm starting to think this check isn't really worthwhile and the right thing to do is remove it. This error is still misleading in that if you get it, one would reasonably expect there's more validation going on for hex strings than just a length check. One would reasonably expect that we check for valid hex chars. But we don't. We happily allow out-of-range characters just as long as the string length is divisible by two. The upshot is puzzling behavior like this: > Buffer.from('xx', 'hex')<Buffer > > Buffer.from('x', 'hex')TypeError: Invalid hex string at Buffer.write (buffer.js:769:21) at fromString (buffer.js:213:18) at Function.Buffer.from (buffer.js:105:12) at repl:1:8 at ContextifyScript.Script.runInThisContext (vm.js:23:33) at REPLServer.defaultEval (repl.js:339:29) at bound (domain.js:280:14) at REPLServer.runBound [as eval] (domain.js:293:12) at REPLServer.onLine (repl.js:536:10) at emitOne (events.js:101:20) > Buffer.from('abxx', 'hex')<Buffer ab> > Buffer.from('abx', 'hex')TypeError: Invalid hex string at Buffer.write (buffer.js:769:21) at fromString (buffer.js:213:18) at Function.Buffer.from (buffer.js:105:12) at repl:1:8 at ContextifyScript.Script.runInThisContext (vm.js:23:33) at REPLServer.defaultEval (repl.js:339:29) at bound (domain.js:280:14) at REPLServer.runBound [as eval] (domain.js:293:12) at REPLServer.onLine (repl.js:536:10) at emitOne (events.js:101:20) > It would be a whole lot less puzzling if this happened: > Buffer.from('xx', 'hex')<Buffer > > Buffer.from('x', 'hex')<Buffer > > Buffer.from('abxx', 'hex')<Buffer ab> > Buffer.from('abx', 'hex')<Buffer ab> >Principle Of Least Astonishment to me says we either accept anything and do the best we can or else we do reasonably rigorous error checking. |
addaleax commented Mar 24, 2017
That’s mostly what we do for |
Trott commented Mar 25, 2017
Done! PTAL |
Trott changed the title Trott changed the title addaleax commented Mar 25, 2017
test/parallel/test-buffer-alloc.js Outdated
There was a problem hiding this comment.
Can you add a test where the resulting length is >0 ?
Like Buffer.from('abx', 'hex')
Remove error message when a hex string of an incorrect length is sent to .write() or .fill(). Fixes: nodejs#3770
jgeewax commented Mar 26, 2017
(Just chiming in as this relates to #4877) It's clear that there's precedent here with base64 (it clearly just swallows any invalid characters): >Buffer.from('not !**# base64 at all_... !!!!','base64').toString('base64')'notbase64atall//'Would it make sense to also add "strict mode" where invalid values are rejected? In other words, I'd guess there is a not-insignificant group of folks out there who would prefer to be told when garbage goes into creating a new Buffer (since they're saying what the format should be). A strict mode wouldn't hurt those of us who just want the buffer to do "just do the best it can", and is super helpful to those of us that want to be notified when we accidentally send invalid values into the Buffer. A few options that seem reasonable:
Not sure if it matters also, but short-cut validation methods that check whether the |
@jgeewax I definitely see that sort of error-checking safety as useful behavior and while I wish it was what Node.js did, it does seem like there's no reason that validating input like that can't be implemented as a userland module. EDIT: And if a userland module can show a way to do it in a performant way, that might even be a path into Node.js core. My sense right now is that most of the objections/hesitance about expanding the error checking is the performance hit incurred. |
addaleax commented Mar 26, 2017
@jgeewax If we were designing Node from scratch, we’d probably implement one of your suggestions (which all make sense from an API perspective), but I think they all come with some kind of negative performance impact that we would want to avoid now. |
Trott commented Mar 28, 2017
Trott commented Mar 28, 2017
Landed in 682573c |
Remove error message when a hex string of an incorrect length is sent to .write() or .fill(). PR-URL: nodejs#12012Fixes: nodejs#3770 Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: Michaël Zasso <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Sakthipriyan Vairamani <[email protected]>
buffer behaviour change caused by: nodejs/node#12012 landed in: nodejs/node@682573c11
10 participants
Improve accuracy of the error message when a hex string of an incorrect
length is send to .write() or .fill().
Fixes: #3770
Checklist
make -j4 test(UNIX), orvcbuild test(Windows) passesAffected core subsystem(s)
buffer